The US Justice Department has charged four Russian government employees with hacking campaigns against the global energy sector as Washington warns companies to stay vigilant against potential cyberattacks in the US. background of Moscow’s invasion of Ukraine.
Criminal charges unsealed on Thursday accuse four Russian nationals of “attempting, assisting and conducting” cyberattacks against hundreds of energy companies in more than 135 countries , including several countries to which Moscow has sought economic, military and security assistance.
While the alleged crimes occurred between 2012 and 2018, DoJ and FBI officials said they provided examples of activities that US agencies fear could happen again as Russia trying to undermine Western support for Ukraine.
A senior DoJ official said: “The conduct alleged in these allegations is the type of behavior that we are concerned about in the current circumstances and has been addressed by various parts of the government involved. states, including the president”. “These charges show the dark art of possibility when it comes to critical infrastructure.”
Joe Biden, president, on Monday alert A Russian cyberattack against the US is underway and told members of the Business Roundtable, a major business lobbying organization, it is their “patriotic duty” to increase strengthen their digital defenses.
“While today’s unsealed criminal charges reflect past activity, they highlight the urgent, ongoing need for American businesses to strengthen their defenses and maintain police presence.” sense,” Lisa Monaco, deputy attorney general of the United States, said in a statement Thursday.
“For weeks now, we have been requiring U.S. businesses and owners of critical infrastructure to have an extremely low threshold to report any unusual activity,” said a senior FBI official. any”.
In one of the two cases made public on Thursday, Evgeny Viktorovich Gladkikh, a computer programmer working for a research institute of the Russian Defense Ministry, and others were accused of conspiring to hack the systems of a Russian defense ministry. overseas refineries, twice resulting in emergency closures.
The 2017 attack sought to cause “physical damage” and cause the refinery to operate in an unsafe manner while still operating normally, the DoJ alleges.
The following year, the defendants allegedly tried to attack similar oil refineries in the US without success.
In the second case, Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov and Marat Valeryevich Tyukov – officers at Russia’s Federal Security Service – and others are believed to have targeted oil and gas companies, factories nuclear power as well as utility and power transmission businesses with a supply chain attack between 2012 and 2014. They allegedly installed malware on more than 17,000 devices in the US and abroad.
They are also accused of carrying out cyberattacks between 2014 and 2017 against more than 500 companies in the US and abroad as well as US government agencies including the Nuclear Regulatory Commission. One successful attack involved Wolf Creek Nuclear Operations Corporation, which operates a nuclear power plant in Kansas.
John Hultquist, vice president of intelligence analysis at cybersecurity firm Mandiant, called the charges a “warning shot” for Russian groups carrying out “disruptive cyberattacks”.
“These actions are personal and are intended to signal to anyone working on these programs that they will not be able to leave Russia anytime soon,” he added.
All four defendants remain together. The Russian Embassy in Washington did not immediately respond to a request for comment.
Additional reporting by Hannah Murphy
